Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/HDAVfArCsnhX6hjM4KYvSf4MnVo.roa
File: HDAVfArCsnhX6hjM4KYvSf4MnVo.roa (raw, json)
Hash identifier: u917pXJc3psMtjyXYw1v4MD/5TJgdCrAJbO2SMLVgKg=
Subject key identifier: 1C:30:15:7C:0A:C2:B2:78:57:EA:18:CC:E0:A6:2F:49:FE:0C:9D:5A
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 01874B0029DEE574552C21F3A5C8D7ED73D5
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/HDAVfArCsnhX6hjM4KYvSf4MnVo.roa
Signing time: Tue 04 Apr 2023 06:41:54 +0000
ROA not before: Tue 04 Apr 2023 06:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12963
IP address blocks: 94.232.208.0/24 maxlen: 24
94.232.209.0/24 maxlen: 24
94.232.210.0/24 maxlen: 24
94.232.211.0/24 maxlen: 24
94.232.212.0/24 maxlen: 24
94.232.213.0/24 maxlen: 24
176.97.3.0/24 maxlen: 24
176.97.4.0/22 maxlen: 22
176.97.0.0/23 maxlen: 23
176.97.2.0/24 maxlen: 24
91.218.72.0/24 maxlen: 24
91.218.73.0/24 maxlen: 24
91.218.74.0/24 maxlen: 24
91.218.75.0/24 maxlen: 24
94.232.214.0/24 maxlen: 24
94.232.215.0/24 maxlen: 24
91.197.168.0/24 maxlen: 24
91.197.169.0/24 maxlen: 24
91.197.170.0/24 maxlen: 24
91.197.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:00:29:de:e5:74:55:2c:21:f3:a5:c8:d7:ed:73:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Apr 4 06:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c30157c0ac2b27857ea18cce0a62f49fe0c9d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:63:91:c2:24:a9:e3:ef:53:cf:21:1b:d8:a6:
f7:ab:8f:86:ce:87:70:69:98:01:97:2c:62:3c:98:
6f:8f:db:f5:77:0d:35:35:3a:48:a0:ef:7b:68:78:
11:2a:48:df:81:74:cd:78:69:1e:dd:6b:c2:ed:b8:
d7:d0:be:3a:87:b4:d6:15:0d:2b:b2:b2:cb:44:42:
44:78:1f:01:46:a5:45:8b:0a:21:4f:e1:d9:26:fe:
6b:a1:10:ec:5d:e7:e3:e2:49:0c:58:4c:2f:46:db:
b4:46:44:de:cc:3f:65:58:bf:15:4f:11:29:34:32:
f9:04:1b:d4:71:1b:82:e0:a9:41:48:36:05:40:86:
d0:b8:3b:57:c0:9d:7f:88:4c:fd:7a:52:ac:cd:cd:
ff:71:d4:90:7b:c3:64:bb:ca:8d:74:76:58:20:6a:
2a:ab:bb:18:ec:59:d1:c8:40:8d:1c:64:55:33:6d:
aa:69:cf:a6:40:e6:7e:49:cf:b5:82:ab:fe:63:8b:
b7:6d:f4:b8:46:db:fe:00:91:d0:05:a0:1a:1e:fd:
6d:db:6c:bd:81:86:bb:50:db:0f:42:33:fa:14:1a:
9b:7a:b7:f2:10:94:ce:f3:86:f8:bd:b5:fa:b5:32:
e3:a0:96:ac:c6:73:87:85:83:3a:d4:7d:45:96:fe:
88:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:30:15:7C:0A:C2:B2:78:57:EA:18:CC:E0:A6:2F:49:FE:0C:9D:5A
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/HDAVfArCsnhX6hjM4KYvSf4MnVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.232.208.0/21
176.97.0.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:5b:09:39:c7:32:58:ad:ca:d6:c0:1d:f6:7e:5c:05:98:26:
f3:b9:c9:56:13:c9:e1:8a:3c:4f:b8:6a:be:a3:70:00:c5:2a:
f3:c3:99:41:9a:dc:6e:fe:14:2e:17:52:d3:81:e6:24:83:00:
45:25:8b:76:fa:20:77:7f:29:07:89:80:e9:46:d0:b9:a5:8e:
ee:19:03:f0:f9:9c:56:bb:be:b4:9e:78:6b:8a:31:03:5e:bc:
a7:7d:c9:94:b6:f3:94:70:cc:99:7b:70:fd:e5:ad:53:4f:9a:
cd:5b:62:de:9b:87:76:05:c4:fc:65:42:1f:a1:20:85:fc:f4:
0b:a9:54:7a:47:a8:a2:75:21:07:b3:3b:fc:f2:9e:48:bb:1b:
e0:6c:0c:83:9e:fb:f7:9a:ec:8c:bb:81:e9:0f:06:ef:cb:53:
de:26:66:44:1a:64:ca:fa:70:19:46:6c:67:48:b8:6e:64:fb:
dc:94:bc:33:72:79:a1:27:6c:7a:16:52:61:0b:7f:c6:b2:2d:
18:d0:dc:4f:98:28:2b:f6:8b:22:79:fa:52:18:cd:4c:26:2a:
52:61:06:98:62:91:b1:6d:42:24:45:a3:16:94:71:1c:70:e4:
1f:6a:cb:8e:e5:d8:cd:24:2b:f6:4a:b0:01:08:ed:51:9e:7f:
99:75:37:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdLACne5XRVLCHzpcjX7XPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjMwNDA0MDY0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMwMTU3YzBhYzJiMjc4NTdlYTE4Y2NlMGE2MmY0OWZlMGM5ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2ORwiSp4+9TzyEb2Kb3q4+Gzodw
aZgBlyxiPJhvj9v1dw01NTpIoO97aHgRKkjfgXTNeGke3WvC7bjX0L46h7TWFQ0r
srLLREJEeB8BRqVFiwohT+HZJv5roRDsXefj4kkMWEwvRtu0RkTezD9lWL8VTxEp
NDL5BBvUcRuC4KlBSDYFQIbQuDtXwJ1/iEz9elKszc3/cdSQe8Nku8qNdHZYIGoq
q7sY7FnRyECNHGRVM22qac+mQOZ+Sc+1gqv+Y4u3bfS4Rtv+AJHQBaAaHv1t22y9
gYa7UNsPQjP6FBqberfyEJTO84b4vbX6tTLjoJasxnOHhYM61H1Flv6I2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBwwFXwKwrJ4V+oYzOCmL0n+DJ1aMB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvSERBVmZBckNzbmhYNmhqTTRLWXZTZjRNblZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8WoAwQC
W9pIAwQDXujQAwQDsGEAMA0GCSqGSIb3DQEBCwUAA4IBAQAPWwk5xzJYrcrWwB32
flwFmCbzuclWE8nhijxPuGq+o3AAxSrzw5lBmtxu/hQuF1LTgeYkgwBFJYt2+iB3
fykHiYDpRtC5pY7uGQPw+ZxWu760nnhrijEDXrynfcmUtvOUcMyZe3D95a1TT5rN
W2Lem4d2BcT8ZUIfoSCF/PQLqVR6R6iidSEHszv88p5IuxvgbAyDnvv3muyMu4Hp
Dwbvy1PeJmZEGmTK+nAZRmxnSLhuZPvclLwzcnmhJ2x6FlJhC3/Gsi0Y0NxPmCgr
9osiefpSGM1MJipSYQaYYpGxbUIkRaMWlHEccOQfasuO5djNJCv2SrABCO1Rnn+Z
dTdv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:57 2025 by rpki-client